For the second time in six weeks, NatWest has been the subject of an internet scam known as phishing, where e-mails appearing to come from a legitimate business are sent in an effort to fish for recipients' financial details.
Early in the week, fraudulent e-mails purporting to come from [email protected] began to arrive in e-mail in-boxes throughout the UK. According to Web User, the e-mail said:
"Our new security system will help you to avoid frequently fraud transactions and to keep your investments in safety. Due to technical update we recommend you to reactivate your account. Click on the link below to login and begin using your updated NatWest account."
The link led to a phoney NatWest web site and a request for the browser's account details.
Such attacks are not new, but still catch people out, relying on their trust in a familiar brand to perpetrate the fraud. Usually the phishers send their e-mail using a related trick, known as spoofing, where the identity of the sender is manipulated to foster that trust.
When offering a link to the site, it is easy to disguise the URL. A common trick in phishing scams is to use the @ symbol in the URL. Most browsers will ignore all characters preceding the @ symbol - so the URL http://[email protected] may look to the unsuspecting user like a page of NatWest's site. But it simply takes visitors to phishingcrook.com. The longer the URL, the easier it is to conceal the true destination address.
NatWest pulled its site off-line for a short while on Monday morning, but a spokeswoman told the BBC that this was only a precaution.
She explained, "None of our customers have lost any money, but as before we ask them to remain vigilant and notices have been put up on the web site."
In October, NatWest was one of four banks and building societies targeted in the course of a week.
But banks have other on-line problems to contend with. It was reported this week that some US automatic teller machines (ATMs) using Windows operating systems fell victim to a computer virus earlier in the year.
According to Reuters this is the first time that a computer virus has managed to access ATMs.
Bruce Schneier, of Counterpane Internet Security, told Reuters: "It's a harbinger of things to come." He added, "Specific purpose machines, like microwave ovens and until now ATM machines, never got viruses".